Amazon selling Android tablets with pre-installed Chinese Trojan

Android Tablets with pre-installed Trojan were sold on Amazon and some other online market places, which will install a malicious malware and corrupts antivirus apps silently from devices. The Trojan is dubbed as “Cloudsota”, which was first discovered by the Cheetah Mobile Security Lab researchers.

This Trojan is developed by Chinese hackers according to Cheetah Mobile Security Lab researchers because the Trojan code, location of malware server and it was manufactured by Chinese companies. Cheetah Mobile Security Lab researchers posted the reviews of many customers who purchased these cheap Android tablets from online marketplaces like Amazon.

The researchers further identified that an attacker can remotely control these infected tablets. The number of tablets delivered which are infected with these Trojans are believed to be around 17,233 but there is a large number which is already been shipped by Amazon and other online marketplaces. 

Cloudsota infected devices are redirecting to some strange ads pages, automatically removing anti-virus apps, changing the users default home page. Because the Trojan has root permission, it will be restored automatically after rebooting the device. So, practically users cannot remove this Trojan from their devices.

United States, Mexico and Turkey are the countries where these pre-installed Trojan tablets are shipped. But the tablets with no brand name are believed to be highly effected according to the Cheetah Mobile research team. There are around 30 brands with are also infected with Cloudsota Trojan, but severity level is pretty low.

The Amazon and other online marketplaces are still selling these infected Trojans. So, people should avoid ordering any unbranded or low priced tablets from these marketplaces for now. Some Android tablet brands which are believed to be infected with Cloudsota Trojan are  JYJ 7, JEJA 7 Zoll, FUSION5, Alldaymall Tablet, Yuntab SZ Wave, and Tagital.

All of these infected tablets are manufactured by the Chinese manufactures, who didn’t even responded to the Cheetah Mobile security lab when they suggested them to analyze their firmware. This is not the first time a n Android device is sold with a per-installed Trojan. People in Asia and Africa has been target before with the same type of campaigns.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...

Digital Forensics Investigation using Autopsy In Kali Linux

Autopsy is one of the digital forensics tools use to investigate what happened on a computer. It offers a GUI access to variety of...